diff options
| author | Stan Hu <stanhu@gmail.com> | 2019-06-25 14:47:17 -0700 |
|---|---|---|
| committer | Stan Hu <stanhu@gmail.com> | 2019-06-25 16:16:03 -0700 |
| commit | a1fc251ed921b02e9e98fc27e445ed56d64a6971 (patch) | |
| tree | f9460e27b578c71e002a16c0915c3ef08c5ba598 | |
| parent | 3c240b7aea7fee1c4267d0ceb717ba0234e5e788 (diff) | |
| download | gitlab-ce-a1fc251ed921b02e9e98fc27e445ed56d64a6971.tar.gz | |
Disable Rails SQL query cache when applying service templates
When the SQL query cache is active, the SELECT query for finding
projects to apply service templates returns the same values. This causes
an infinite loop because even though bulk INSERT queries are made, the
cached results never reflect that progress. To fix this, we call
`Project.uncached` around the query to ensure new data is retrieved.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/63595
| -rw-r--r-- | app/services/projects/propagate_service_template.rb | 2 | ||||
| -rw-r--r-- | changelogs/unreleased/security-fix-issue-59379-11-10.yml | 5 | ||||
| -rw-r--r-- | spec/services/projects/propagate_service_template_spec.rb | 2 | ||||
| -rw-r--r-- | spec/spec_helper.rb | 6 |
4 files changed, 13 insertions, 2 deletions
diff --git a/app/services/projects/propagate_service_template.rb b/app/services/projects/propagate_service_template.rb index 633a263af7b..9c753a7a910 100644 --- a/app/services/projects/propagate_service_template.rb +++ b/app/services/projects/propagate_service_template.rb @@ -24,7 +24,7 @@ module Projects def propagate_projects_with_template loop do - batch = project_ids_batch + batch = Project.uncached { project_ids_batch } bulk_create_from_template(batch) unless batch.empty? diff --git a/changelogs/unreleased/security-fix-issue-59379-11-10.yml b/changelogs/unreleased/security-fix-issue-59379-11-10.yml new file mode 100644 index 00000000000..a6c3ce14dce --- /dev/null +++ b/changelogs/unreleased/security-fix-issue-59379-11-10.yml @@ -0,0 +1,5 @@ +--- +title: Disable Rails SQL query cache when applying service templates +merge_request: +author: +type: security diff --git a/spec/services/projects/propagate_service_template_spec.rb b/spec/services/projects/propagate_service_template_spec.rb index f4c59735c43..e015374f3ae 100644 --- a/spec/services/projects/propagate_service_template_spec.rb +++ b/spec/services/projects/propagate_service_template_spec.rb @@ -70,7 +70,7 @@ describe Projects::PropagateServiceTemplate do expect(project.pushover_service.properties).to eq(service_template.properties) end - describe 'bulk update' do + describe 'bulk update', :use_sql_query_cache do let(:project_total) { 5 } before do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 60db3e1bc46..74501ed8808 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -213,6 +213,12 @@ RSpec.configure do |config| ActionController::Base.cache_store = caching_store end + config.around(:each, :use_sql_query_cache) do |example| + ActiveRecord::Base.cache do + example.run + end + end + # The :each scope runs "inside" the example, so this hook ensures the DB is in the # correct state before any examples' before hooks are called. This prevents a # problem where `ScheduleIssuesClosedAtTypeChange` (or any migration that depends |